<?php
/*
 ************* Security Request *************
 * Version 1.1
 * Author:Dicky Pan
 * Release Date:2008-6-5
 * E-Mail:3606302@163.com
 * PHP Version:4.20+
 */

/*
 * *********** 更新日誌 **********************
 * version 1.1
 * 更新日期 2008-6-11
 * 為request方法添加默認值，以減少調用時的代碼量
 */

class SecurityRequest{
	var $arrMARKSTR = array(
			'update','up&#100;ate',
			'select','sel&#101;ct',
			'exec','ex&#101;c',
			'insert','ins&#101;rt',
			'delete','del&#101;te',
			'like','lik&#101;',
			'create','cr&#101;ate',
			'load_file','load_fil&#101;',
			'outfile','outfil&#101;',
			'join','jo&#105;n',
			'into','&#105;nto',
			'union','un&#105;on',
			'drop','dro&#112;',
			'\'','&#39;',
			'=','&#061;');

	function request($name,$type = 'string',$method = 'post'){
		$tmpValue = $this->getValue($name,$method);
		switch(strtolower($type)){
			case 'int':
				return $this->getInteger($tmpValue);
				break;
			case 'bool':
				return $this->getBoolean($tmpValue);
				break;
			case 'float':
				return $this->getFloat($tmpValue);
				break;
			default:
				return $this->getString($tmpValue);
				break;
		}

	}

	function getValue($name,$method){
		switch(strtolower($method)){
			case 'post':
				return $_POST[$name];
				break;
			case 'get':
				return $_GET[$name];
				break;
			default:
				return $_REQUEST[$name];
				break;

		}
	}

	function StringInject($str)
	{
		for($i=0;$i < count($this->arrMARKSTR);$i+=2){
			@ $str = eregi_replace($this->arrMARKSTR[$i],$this->arrMARKSTR[$i+1],$str);
		}
		return $str;
	}

	function getInteger($value){
		if(is_numeric($value)){
			return intval($value);
		}else{
			return 0;
		}
	}

	function getString($value){
		return $this->StringInject($value);
	}

	function getBoolean($value){
		if($value=="0"||strtolower($value)=="false"||$value==''){
			return false;
		}else{
			return true;
		}
	}

	function getFloat($value){
		if(is_numeric($value)){
			return floatval($value);
		}else{
			return 0;
		}
	}
}

//$sr = new SecurityRequest;
//$temp = $sr->request('my','bool','get');
//echo $temp;
?>